This has been very helpful refreshing myself on some things. I would love to comment that the instructor, who presumably has taught this many times and can even be a stale subject (legacy protocols etc), looks so damn genuinely excited. You can see his passion for networking and that giddy little smile as he's watching a student connect the dots, much like the smile I assume we all get the first time you correctly configure a lab after hours of trial and error. So thank you Nickolai for sharing your passion, it's greatly appreciated and you are very proficient in all aspects of your role. Cheers
This lecture is more like a general discussion on SSL, Certificates. It assumes that you will learn about certificates on your own. (set the right expectations)
Is it normal to have Session ID in the First Client Hello, and then have the Web Server pick that up and use it in further TLS traffic ? Why is this behavior were the Client Hello decides the Session ID; and does this have any security risks for a public facing webserver?
The attacker has no access to the hash; the developer specifies the allowable hash in their source, and the hash would be calculated based on the content of the jquery code received by the browser.
Can you please help us understanding where exactly chain certificate is involved in SSL handshake. I have concerns... what chain certificate does at server side. I understand what is chain certificate but my question is where you are making use of chain certificate in SSL handshake? Why we copy that on server when it not require in Ssl handshake. is there any specific use case of chain certificate I heard that Browsers have major root CAs and intermediate CAs public keys. Please correct if I am wrong, Whatever I see in the browser, those are not the root certificate and chain/intermediate certificate but they are only public keys of root and chain certs. Next, During the SSL handshake in step two when server responds to the client with his Server hello message.... After that does server send only server certificate or it sends both to the client (server certificate and chain certificate)? Please answer
Kavita Singh : During server hello, server sends the chain of certs. This helps client to validate if the server is chaining to correct Root Ca and not talking to someone who is acting as a man in the middle. This is why you import the chain of certs at server side. Install a wireshark or network monitor tool on your laptop and connect to any secure websites, you can see this in a trace.
TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999, and the current version is TLS 1.3, defined in August 2018. TLS builds on the now-deprecated SSL (Secure Sockets Layer) specifications (1994, 1995, 1996) developed by Netscape Communications for adding the HTTPS protocol to their Navigator web browser.
This course is about Computer Systems Security, and this video is about what is the role of SSL and HTTPS it's not about implementing it rather understanding the core function of SSL between HTTP and TCP/IP.
I'm wonder why this class is being taught at graduate level... let alone at MIT of all the universities? You would expect for schools to go over these basic topics in undergrad. Note: 98% of class are men, lol. Come'n women... join the foray. Feel the pain and then the excitement.
This has been very helpful refreshing myself on some things. I would love to comment that the instructor, who presumably has taught this many times and can even be a stale subject (legacy protocols etc), looks so damn genuinely excited. You can see his passion for networking and that giddy little smile as he's watching a student connect the dots, much like the smile I assume we all get the first time you correctly configure a lab after hours of trial and error.
So thank you Nickolai for sharing your passion, it's greatly appreciated and you are very proficient in all aspects of your role. Cheers
I'm so appreciative that is this available to everyone. This is great.
Uu
I’m sorry
Juuuuu
I have never seen crypto, ssl, tls etc...explained better than in this lesson. This lecturer is really great.
This guy is a fantastic lecturer!
What a passionate teacher, I learned what is passion from him
This guy teaches well and he is very easy to understand.
This guy is a fantastic lecturer and amazing!!!
This lecture is more like a general discussion on SSL, Certificates. It assumes that you will learn about certificates on your own. (set the right expectations)
This lecture is just awesome. I can see why MIT is the best.
Excellent lecture! Everything explained nicely. You can clearly tell he is very knowledgeable about the topic.
Nickolai is a great lecturer.
you are such a good teacher
He is a excellent tutor.i like his way of teaching.
Really good lecture. Thank you!
Just funny complete course link in the description is HTTP. Anyway good lecture.
Thank you
12:51 It's Diffie-Hellman (misheard in subs).
Is it normal to have Session ID in the First Client Hello, and then have the Web Server pick that up and use it in further TLS traffic ? Why is this behavior were the Client Hello decides the Session ID; and does this have any security risks for a public facing webserver?
13:24 Can someone explain why the nonce generated by B helps to fix the replay problem? Thanks.
good lessons
Damn, I missed the quiz!
Public keys are accessible by anyone. Anyone can encrypt data using them. This allows for ransomware attacks...
Can we see public key on certificate? Anyone can explain for me, please I'm still vague.
Yeah,public key is sended with CA
I would say the title shall be keberos protocol
You don't get to decide, MIT does. And no, this isn't about KerberOS, it is about SSL.
why do professors still use notes? do t hey not have the material memorized?
I have to say I missed lectures
what is an attacker change jquery and create new hash?
The attacker has no access to the hash; the developer specifies the allowable hash in their source, and the hash would be calculated based on the content of the jquery code received by the browser.
Billions of dollar for the MIT each year and they cant fix a door lol - great lecture though...
Lol. My school can't fix lights.
Where are the lectures of this course?
TH-cam playlist: th-cam.com/video/GqmQg-cszw4/w-d-xo.html.
Course materials: ocw.mit.edu/6-858F14. Best wishes on your studies!
@@mitocw you guys replied on 4 Years old video and that also within a day. You are awesome people ❤️
Can you please help us understanding where exactly chain certificate is involved in SSL handshake. I have concerns... what chain certificate does at server side. I understand what is chain certificate but my question is where you are making use of chain certificate in SSL handshake?
Why we copy that on server when it not require in Ssl handshake. is there any specific use case of chain certificate
I heard that Browsers have major root CAs and intermediate CAs public keys. Please correct if I am wrong, Whatever I see in the browser, those are not the root certificate and chain/intermediate certificate but they are only public keys of root and chain certs. Next, During the SSL handshake in step two when server responds to the client with his Server hello message.... After that does server send only server certificate or it sends both to the client (server certificate and chain certificate)? Please answer
Kavita Singh : During server hello, server sends the chain of certs. This helps client to validate if the server is chaining to correct Root Ca and not talking to someone who is acting as a man in the middle. This is why you import the chain of certs at server side. Install a wireshark or network monitor tool on your laptop and connect to any secure websites, you can see this in a trace.
cooolll
MIT don't have white board??
Blackboard is better imo, easier to see when the chalk is used up and less waste.
It looks more like Terminal! I love it!
Good lecture, except it wasn't really about SSL. At one point he even says SSL isn't very interesting, LOL!
TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999, and the current version is TLS 1.3, defined in August 2018. TLS builds on the now-deprecated SSL (Secure Sockets Layer) specifications (1994, 1995, 1996) developed by Netscape Communications for adding the HTTPS protocol to their Navigator web browser.
Don’t go to MIT ti study audio production
No one asked for your opinion. Also use captions. Machines can hear him.
I just realized he spelled skank on the board.
why does he writes 'a' like he is writing an 'e'
camera guy thinks he is filming dolphins
any mouse 🐭😂
Kemey ke
make sense?
shiran VATURY not a word...(😢
@@davetriplett4779 actually it's pretty easy. Try using openssl and you'll get the hang of it
shiran VATURY Thanks! I will look that up!
40 minutes in, and still nothing on SSL.
Isn't this the entire basis for SSL? What are you looking for exactly?
take some nootropics
Too bad none of them will get a job in IT when they graduate.
Title is so misleading, he never speaks about SSL, dont waste your time watching it.
This course is about Computer Systems Security, and this video is about what is the role of SSL and HTTPS it's not about implementing it rather understanding the core function of SSL between HTTP and TCP/IP.
I'm wonder why this class is being taught at graduate level... let alone at MIT of all the universities? You would expect for schools to go over these basic topics in undergrad.
Note: 98% of class are men, lol. Come'n women... join the foray. Feel the pain and then the excitement.
Such a confusing lecture. So much unnecessary and confusing information provided! How MIT can hire a person like Zildevich!!!
you are such a good teacher
good lessons